Based on the comments in my last post on DAM, especially the one from Mike Spiers, I want to make it clear that if you are performing Database Activity Monitoring it should be owned and managed by security.

It’s fine for DBAs to manage regular database auditing (unless they’re the auditing target), but DAM is a security-specific tool whose primary benefits are to create separation of duties (from the DBAs) and to give security insight into the database.

You might need DBAs to get it integrated with the database and confirm performance, but that’s where their involvement stops.

Share: